Silk road to Bug Hunting

Windows Fundamentals
• Learn how use computer
• How to use the Internet
• How to Searching for information in search engines professionally
• How to Use Chat GBT to obtain information on a specific topic

A+ Certification

https://mega.nz/folder/zSpnzKKD#UPhqD2NZBoM3ImhvMsx9qA

Network
• Network Concepts
• Network Protocols
• Network Topologies
• Network Devices
• IP Addressing and Subnetting
• Network Security
• Network Troubleshooting
• Wireless Networking

Network+ Cert

https://mega.nz/folder/fC5njSyR#NMw88ZzRaYhDTSmYewodXA

Linux
• Ways to use tools in a system
• Linux command line

https://learn.microsoft.com/en-us/training/paths/shell/

Programming Languages
C++ ) You need to learn this language because it helps you learn other languages (

• Syntax and Basic Structure

• Data Types
• Variables and Constants
• Operators
• Control Flow
• Functions
• Arrays and Vectors
• Pointers and References
• Object-Oriented Programming (OOP)
• File I/O
• Exception Handling

https://elzero.org/study/cplusplus-study-plan/

HTML + CSS ) You need them to understand how the website is designed (

https://elzero.org/study/html-2021-study-plan/

https://elzero.org/study/css-2021-study-plan/
JavaScript

• DOM Manipulation
• XSS ( R , S , Dom )
• Client-Side Validation
• AJAX and Web APIs
• Event Handling
• JavaScript Security Headers
• Browser Security Features
• JavaScript Obfuscation Techniques
• Client-Side Storage

https://mega.nz/folder/ya5W0Lxa#Ocx3Gbtkv8PqSzzSpG6PfA

https://mega.nz/folder/ub40ARZD#TmsUGA1MK4_-lVbRvJG-QQ

JSON

• JSON Injection
• Input Validation
• JSON Schema Validation
• Data Encoding and Escaping
• Client-Side JSON Handlin
• Server-Side JSON Processing
• JSON Web Tokens (JWT)
• Secure JSON APIs
• Security Testing Techniques

PHP & Laravel

• Authentication and Authorization

• Input Validation
• Route Protection
• Database Security
• Error Handling and Logging
• Session Management
• File Upload Security
• Security Headers and Middleware
• Third-Party Package Security

https://elzero.org/study/php-bootcamp-2022-study-plan/

MYSQL

• SQL Injection (SQLi)

• Input Validation and Prepared Statements
• Privilege Escalation
• Database Configuration
• Data Encryption and Hashing
• Security Vulnerability Assessment Tools

https://mega.nz/folder/wswGEIhb#tsqUggTZyfy5HyRWUkV9sg/folder/FgQRyaqb
Bash script ) You can learn it at any time with the other languages above (

• Command Line Basics

• Shell Scripting Basics
• File System Operations
• Text Processing
• System Administration Tasks
• System Configuration Analysis
• Log Analysis
• Network Monitoring and Analysis

https://mega.nz/folder/CGBj3S5S#UT2y_zzEcV8MybIEHvhpGQ

Also after that you can increase your experience in important languages

• Python
• Ruby
• Graphql

Web Application Security

• Security Vulnerabilities ) XSS , CSRF , IDOR , SQLI , authentication bypass, … ETC )
• Concurrency and Race Conditions
• Memory Leaks and Memory Corruption
• Buffer Overflows and Underflows
• Logic Errors
• Input Validation and Sanitization
• Resource Leaks
• Performance and Scalability Issues
• ETC …..

Start Hack
• Select your goal
• Learn How to Enumeration
• Learn how to recon ) Active & Passive Reconnaissance )
• Learn how to search for site files & folder
• Record your notes as you work
• Find out what dangerous information is being leaked and can report it
• Learn how to extract visible and hidden parameters
• Learn how to exploit the security vulnerability
• Try to escalate the vulnerability to the maximum extent possible
• Learn how to understand the severity status of any vulnerability
• Learn how to write a report correctly

Good Luck